VYPR

rpm package

suse/ImageMagick&distro=SUSE Linux Enterprise Server 11 SP4

pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Vulnerabilities (332)

  • CVE-2017-16353MedNov 1, 2017
    affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1

    GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the I

  • CVE-2017-16352HigNov 1, 2017
    affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1

    GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a

  • CVE-2017-15930HigOct 27, 2017
    affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1

    In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.

  • CVE-2017-15281HigOct 12, 2017
    affected < 6.4.3.6-7.78.17.1fixed 6.4.3.6-7.78.17.1

    ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."

  • CVE-2017-15277MedOct 12, 2017
    affected < 6.4.3.6-7.78.17.1fixed 6.4.3.6-7.78.17.1

    ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting d

  • CVE-2017-15218MedOct 10, 2017
    affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2

    ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.

  • CVE-2017-15033HigOct 5, 2017
    affected < 6.4.3.6-7.78.8.1fixed 6.4.3.6-7.78.8.1

    ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.

  • CVE-2017-15017HigOct 5, 2017
    affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1

    ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.

  • CVE-2017-15016HigOct 5, 2017
    affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1

    ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.

  • CVE-2017-14997MedOct 4, 2017
    affected < 6.4.3.6-78.79.1fixed 6.4.3.6-78.79.1

    GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.

  • CVE-2017-14733MedSep 25, 2017
    affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1

    ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

  • CVE-2017-14649MedSep 21, 2017
    affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2

    ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).

  • CVE-2017-14607HigSep 20, 2017
    affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1

    In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

  • CVE-2017-14533MedSep 18, 2017
    affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1

    ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.

  • CVE-2017-14531MedSep 18, 2017
    affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1

    ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.

  • CVE-2017-14505MedSep 17, 2017
    affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1

    DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Imag

  • CVE-2017-14343MedSep 12, 2017
    affected < 6.4.3.6-7.78.17.1fixed 6.4.3.6-7.78.17.1

    ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.

  • CVE-2017-14342MedSep 12, 2017
    affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1

    ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.

  • CVE-2017-14341MedSep 12, 2017
    affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1

    ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.

  • CVE-2017-14326MedSep 12, 2017
    affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1

    In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.

Page 4 of 17